CVE-2014-5031

Published: 29 July 2014

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.

Priority

Medium

Status

Package Release Status
cups
Launchpad, Ubuntu, Debian
Upstream
Released (1.7.4-5)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.7.2-0ubuntu1.2])
Patches:
Upstream: https://cups.org/strfiles.php/3371/str4455-1.7.patch